Blackrota is a malicious backdoor written in the Go language that exploits a security bug in the Docker Remote API. Obfuscated malware written in Go is rare. What’s more, the obfuscation method of Blackrota creates new challenges for reverse analysis. More information regarding this new threat can be found below.
Xopero Blog
How to build a comprehensive backup strategy for your company
We as humans live in a very dangerous world, full of unexpected risks. Now imagine a world where danger hides around every corner and you can't make a single mistake; otherwise, you are gone. All of your company data lives in the world I just described. You can influence this world by providing your data with adequate protection. The first step is creating a comprehensive backup strategy. In this article, I will guide you through the points you have to keep in mind while creating your organization's backup strategy.
New Jupyter malware steals browser data first, then opens backdoor and steals even more
Jupyter malware is the newest threat in the wild. It is a trojan info stealer which also possesses full backdoor functionality. According to researchers at Morphisec, the malware campaign started in May 2020. Since then, they have tracked down a few different variants of Jupyter. The campaign goes on, so beware.
Platypus attack abuses RAPL mechanism to steal data from CPUs
Platypus is a novel software-based power side-channel attack on Intel server, desktop and laptop CPUs. Using this technique, an attacker could extract secrets from a device, such as cryptographic keys. How does it work exactly? Check our newest Security Center issues.
RegretLocker – this new ransomware can meddle with your virtual hard drives
Welcome to the next episode of the Xopero Security Center! This time we shed some light on RegretLocker. This new ransomware is quite a sophisticated threat. It uses advanced techniques to compromise Windows virtual machines first, then encrypts virtual hard drives. How exactly? Check below.
HiddenAds malware does manage to slip into Google Play… again
Google continues to struggle with keeping bad apps off the Play marketplace. This time researchers have discovered malicious gaming apps packed with a new threat from the HiddenAds malware family. Apps were downloaded 8 million… Yes, definitely – Google is still struggling with its marketplace security.
GravityRAT malware – a great return? Now also targets Android and iOS users
Welcome to the next episode of the Xopero Security Center! GravityRAT is no longer just a Windows malware. New samples have revealed that the latest variant also targets Android and iOS devices. What does it mean for cybersecurity professionals? Before we answer that… There is a new Chrome 0-day under active attack. Check the news below.
BleedingTooth: the new critical kernel Bluetooth vulnerabilities
Researchers discovered several critical flaws – collectively called “BleedingTooth” – in the BlueZ kernel Bluetooth stack. There is already a YouTube video demonstrating remote code execution using these vulnerabilities. More details can be found below.
HEH botnet is going after exposed Telnet Services on IoT devices
Researchers spotted a new IoT botnet that brute forces telnet ports on routers and then erases infected devices. HEH botnet also has a peculiar feature – or its creators have a strange sense of humour – it briefly displays the United Nations’ Universal Declaration of Human Rights… and is coded to display it in eight languages.
Newest InterPlanetary Storm variant targeting devices with Secure Shell
The cybercriminal group behind InterPlanetary Storm malware has released its new variant into the wild. The malware is building a botnet, which now consists of roughly 13,500 infected machines worldwide. You can find more about the IPS malware and the ongoing campaign below.